package cn.cold.album;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import cn.cold.album.service.AlbumUserDetailService;

@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests().antMatchers("/static/**").permitAll().anyRequest().authenticated().and().formLogin()
				.loginPage("/login").permitAll().and().csrf().disable();
	}
	
	@Autowired
	private AlbumUserDetailService detail;
	
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		  ShaPasswordEncoder encoder = new ShaPasswordEncoder();
          auth.userDetailsService(detail).passwordEncoder(encoder);
	}
}
